Table of Contents

SSL/HTTPS with FOP2 (ACME Certificate)

Note: AstLinux 1.3.0 or later is required

If you access FOP2 via an HTTPS connection, FOP2 can be configured to use SSL, internally secure websockets wss:, as such most modern browsers expect valid certificates for secure websocket connections. While it is possible to create a self-signed certificate and deploy it to all your FOP2 client devices (see next section), a far more convenient approach is to generate globally valid
ACME (Let's Encrypt) Certificates that the FOP2 client devices can validate by following the global certificate chain.

At minimum, The “HTTPS Server” ACME Deploy Service must be checked, ACME certificate issued and deployed using
ACME (Let's Encrypt) Certificates. The /mnt/kd/ssl/https_stunnel_server.pem PEM file should now exist.

Edit the /etc/fop2/fop2.cfg file and uncomment (enable) and edit the following lines: